General
Target: 383d512f82313e22bd0ac97517b77f7179a3c77f5b39e5b2335013d2a2b0fafd
Size: 100KB
Sample: 241121-a6n4baxgml
MD5: d72a4038c6bbc827edbe1acad62037c4
SHA1: afd87e7be24df815bd2c0307f401517fb83cd2b4
SHA256: 383d512f82313e22bd0ac97517b77f7179a3c77f5b39e5b2335013d2a2b0fafd
SHA512: 4e6682861496180f95dbbb015cd2a4829727adff88de561396c09391fbe3c6e41302126b6b23818614c4efcfa0f7d8f0ed23a0b7bcbc4ec80028dc60c5a59138
SSDEEP: 3072:n/k3hbdlylKsgqopeJBWhZFGkE+cL2NdAFxe53lGvFTQ3IzxgdrvxpU0OKvMB:/k3hbdlylKsgqopeJBWhZFVE+W2NdAOK
Behavioral task
behavioral1
Sample
383d512f82313e22bd0ac97517b77f7179a3c77f5b39e5b2335013d2a2b0fafd.xls
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
383d512f82313e22bd0ac97517b77f7179a3c77f5b39e5b2335013d2a2b0fafd.xls
Resource
win10v2004-20241007-en
Malware Config
Extracted
http://185.7.214.7/fer/fe3.html
Targets
Target
383d512f82313e22bd0ac97517b77f7179a3c77f5b39e5b2335013d2a2b0fafd
Score 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request